Cyber warfare is rapidly becoming part of the modern military and political arsenal of many nations, including the United States. Incoming U.S. President Donald Trump wants to stop cyber attacks. He is bringing in top corporate experts as advisers and has asked former New York mayor Rudolph Giuliani to act as his eyes and ears.

There are many kinds of cyber attacks and perpetrators with various complex political, economic and military goals. But the most dangerous attacks are those that would shift the balance of power by damaging a state’s critical infrastructure.

Hardening the infrastructure and creating a “U.S. only” system – not purchasing foreign, mainly Chinese, systems, and eliminating weak controllers that can be compromised – would be good first steps.

The U.S. does not lack cyber weapons or the will to use them. Plenty of America’s capacity for cyber warfare has been exposed by Edward Snowden, who had unprecedented access to some of the National Security Agency’s (NSA) deepest secrets. Much of what Snowden recorded has now been published, exposing how a major part of the U.S. intelligence systems sucks up information and employs malicious tools against possible adversaries.

The most famous of all is the U.S.-Israeli tool called Stuxnet. Stuxnet is, so far as is known, the most sophisticated single tool, and it was used against Iran’s centrifuge program enriching uranium for a potential nuclear weapon. Stuxnet was based on excellent intelligence on Iran’s centrifuge system and on the computers, SCADA controllers and frequency converters that ran it.

SCADA systems are used to manage operations at oil refineries, nuclear and conventional power plants and manufacturing systems, and in classified control systems including the manufacture of nuclear weapons, as was the case in Iran.

The U.S. is not the only country to carry out an attack on critical infrastructure or to focus an attack on SCADA-operated systems. China and Russia have also done it, with China aiming most heavily at Taiwan (its practice target) and at U.S. critical infrastructure. There have been other attacks on power plants world-wide. Notably, according to South Korea’s investigators, the Korea Hydro and Nuclear Power Company was hit by a cyber attack between December 9 and 12, 2014. In the attack, some 5,986 “phishing” emails were sent to 3,571 employees of the power company. Data about the plant and strategic diagrams were taken by the North Koreans. However, it does not appear that the operation of the nuclear plant was directly attacked, although North Korea would have got hold of information on the SCADA systems and other software controlling the plant. And, as the phishing emails reveal, this was not an amateur operation, in the sense that the full employee list plus email addresses was in the hands of the perpetrators. Clearly, the level of security at Korea Hydro and Nuclear was very poor. A successful attack on a nuclear plant that sent it out of control could cause an incident as serious as Chernobyl.

Russia, on the other hand, despite the most recent allegations of an attack on a Vermont-based power plant (now proven false), has focused on nearby neighbors including Estonia, Poland, Georgia, and Ukraine. Its attacks began in 2007 when the Estonians removed a war memorial and associated graves known as the Bronze Soldier of Tallinn – a salute to the Red Army soldiers who liberated Estonia from the Nazis. In response, the Russians demanded autonomy for the local Estonian Russian-speaking population and launched cyber attacks against sensitive banking and financial institutions, newspapers and supposedly secret telecommunications nodes which were part of Estonia’s national security apparatus.

Russia’s attack on the Ukrainian power station is regarded as perhaps the most sophisticated ever launched against a power station. The Ukrainian plant’s control systems and security were top notch. Nonetheless, using malware called the BlackEnergy Trojan, the Sandworm hackers executed a series of moves based on six months of elaborate reconnaissance that paid off when they attacked. A key feature of the attack is that the power plant’s staff was locked out of the computers through which it controls operations. Being locked out, the staff was unable to take steps to mitigate the attack. A similar attack on a nuclear power plant could do more than just shut down power output: it could cause the reactor to go out of control.

The lessons are clear. An adversary today, whether a state actor, a criminal conspiracy or a terrorist organization, can attack any critical infrastructure in the U.S. or abroad. In addition, it is likely that many already have carried out the necessary reconnaissance, set up the attack plans, and tested the likelihood of success in anticipation of a full-blown attack. Finally, it is clear that even a critical infrastructure with current-day protection probably cannot survive a sophisticated operation.

The challenge to the new administration is how to better protect America’s systems. The first step must be to find ways to harden the SCADA systems substantially, meaning that commercially produced systems bought today on the global market are a bad solution. SCADA systems need multilevel security, two-step verification and compartmented access along with strong encryption and, even then, must be isolated from the Internet. A hardened new design produced under U.S. government control and distributed only to users approved by the government for enhanced protection will make it difficult, if not impossible, to successfully penetrate America’s vital systems. If the Trump administration moves in this direction we will be a lot safer in future.

This article appeared originally in Asia Times. The article has been expanded in this version.

Stephen Bryen – Leading technologist, policy expert and strategist

Dr. Stephen Bryen is the author of the new book, "Technology Security and National Power: Winners and Losers" (Transaction Publishers).
Dr. Stephen Bryen has 40 years of leadership in government and industry. He has served as a senior staff director of the U.S. Senate Foreign Relations Committee, as the Deputy Under Secretary of Defense for Trade Security Policy, as the founder and first director of the Defense Technology Security Administration, as the President of Delta Tech Inc., as the President of Finmeccanica North America, and as a Commissioner of the U.S. China Security Review Commission. Dr. Bryen's expertise and high effectiveness have earned him the highest civilian awards of the U.S. Defense Department on two occasions and established him as a proven government, civic and business leader in Washington D.C. and internationally. Dr. Bryen is regarded as a thought leader on technology security policy.

Technology Security and National Power: Winners and Losers

In Technology Security and National Power: Winners and Losers, Stephen Bryen shows how the United States has squandered its technological leadership through unwise policies. Starting from biblical times, he shows how technology has either increased national power or led to military and political catastrophe. He goes on to show how the US has eroded its technological advantages, endangering its own security.

Disclaimer: My expertise is strategy. I focus on policy and how to implement plans and programs and how to manage outcomes.
I have had four wonderful careers: in government as a senior official; in industry as a President and CEO; as an entrepreneur in launching new ideas and new businesses; and as an author who regularly publishes in the area of international affairs and cybersecurity. And before all the above happened I was a Professor and pioneer in cybernetics in the social sciences at Lehigh University.